Latest news as of 6/19/2025, 10:23:11 PM
The Hacker News
Microsoft and CrowdStrike have announced that they are teaming up to align their individual threat actor taxonomies by publishing a new joint threat actor mapping. "By mapping where our knowledge of these actors align, we will provide security professionals with the ability to connect insights faster and make decisions with greater confidence," Vasu Jakkal, corporate vice president at Microsoft
The Hacker News
Google has revealed that it will no longer trust digital certificates issued by Chunghwa Telecom and Netlock citing "patterns of concerning behavior observed over the past year." The changes are expected to be introduced in Chrome 139, which is scheduled for public release in early August 2025. The current major version is 137. The update will affect all Transport Layer Security (TLS)
Have I Been Pwned
In May 2025, . ColoCrossing advised the incident was isolated to their cloud/VPS platform and stemmed from a single sign-on vulnerability. 7k email addresses were exposed in the incident along with names and MD5-Crypt password hashes. hosting provider ColoCrossing identified a data breach that impacted customers of their ColoCloud virtual server product
The Hacker News
Google on Monday released out-of-band fixes to address three security issues in its Chrome browser, including one that it said has come under active exploitation in the wild. The high-severity flaw is being tracked as CVE-2025-5419, and has been flagged as an out-of-bounds read and write vulnerability in the V8 JavaScript and WebAssembly engine. "Out of bounds read and write in V8 in Google
Dark Reading
Organizations need to abandon perimeter-based security for data-centric protection strategies in today's distributed IT environments.
Bleeping Computer
Outdoor apparel retailer The North Face is warning customers that their personal information was stolen in credential stuffing attacks targeting the company's website in April. [...]
Bleeping Computer
Luxury fashion brand Cartier is warning customers it suffered a data breach that exposed customers' personal information after its systems were compromised. [...]
Dark Reading
The Emergency Management and Response - Information Sharing and Analysis Center provided essential information to the emergency services sector on physical and cyber threats and its closure leaves an information vacuum for these organizations.
Dark Reading
New details on the Cisco IOS XE vulnerability could help attackers develop a working exploit soon, researchers say.
The Register
A real-world Trojan Horse attack Ukraine claims it launched a cunning drone strike on Sunday against multiple Russian airbases, hitting over 40 military aircraft and inflicting an estimated $7 billion in damage, in an operation dubbed "Spiderweb."…